netfilter: fix endian bug in conntrack printks

dcc_ip is treated as a host-endian value in the first printk, but the second printk uses %pI4 which expects a be32. This will cause a mismatch between the debug statement and the warning statement. Treat as a be32 throughout and avoid some byteswapping during some comparisions, and allow another user of HIPQUAD to bite the dust. Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Harvey Harrison <harvey.harrison@gmail.com> 2009-03-28 11:38:30 -0400
committer: David S. Miller <davem@davemloft.net> 2009-03-29 02:55:57 -0400
commit: f940964901aa69e28ce729d7614061d014184472 (patch)
tree: 4f52de427646cbff6803e4aefd68db337632d67a /net
parent: 3e8af307bfe3b6318a1aaaf8ce18d0af7ddf2ea2 (diff)
1 files changed, 8 insertions, 7 deletions
diff --git a/net/netfilter/nf_conntrack_irc.c b/net/netfilter/nf_conntrack_irc.c
index 409c8be58e7c..8bd98c84f77e 100644
--- a/net/netfilter/nf_conntrack_irc.c
+++ b/net/netfilter/nf_conntrack_irc.c
@@ -66,7 +66,7 @@ static const char *const dccprotos[] = {
 *      ad_beg_p        returns pointer to first byte of addr data
 *      ad_end_p        returns pointer to last byte of addr data
 */
-static int parse_dcc(char *data, const char *data_end, u_int32_t *ip,
+static int parse_dcc(char *data, const char *data_end, __be32 *ip,
                     u_int16_t *port, char **ad_beg_p, char **ad_end_p)
 {
        char *tmp;
@@ -85,7 +85,7 @@ static int parse_dcc(char *data, const char *data_end, u_int32_t *ip,
                return -1;
        *ad_beg_p = data;
-        *ip = simple_strtoul(data, &data, 10);
+        *ip = cpu_to_be32(simple_strtoul(data, &data, 10));
        /* skip blanks between ip and port */
        while (*data == ' ') {
@@ -112,7 +112,7 @@ static int help(struct sk_buff *skb, unsigned int protoff,
        int dir = CTINFO2DIR(ctinfo);
        struct nf_conntrack_expect *exp;
        struct nf_conntrack_tuple *tuple;
-        u_int32_t dcc_ip;
+        __be32 dcc_ip;
        u_int16_t dcc_port;
        __be16 port;
        int i, ret = NF_ACCEPT;
@@ -177,13 +177,14 @@ static int help(struct sk_buff *skb, unsigned int protoff,
                                pr_debug("unable to parse dcc command\n");
                                continue;
                        }
-                        pr_debug("DCC bound ip/port: %u.%u.%u.%u:%u\n",
-                                 HIPQUAD(dcc_ip), dcc_port);
+                        pr_debug("DCC bound ip/port: %pI4:%u\n",
+                                 &dcc_ip, dcc_port);
                        /* dcc_ip can be the internal OR external (NAT'ed) IP */
                        tuple = &ct->tuplehash[dir].tuple;
-                        if (tuple->src.u3.ip != htonl(dcc_ip) &&
+                        if (tuple->src.u3.ip != dcc_ip &&
-                            tuple->dst.u3.ip != htonl(dcc_ip)) {
+                            tuple->dst.u3.ip != dcc_ip) {
                                if (net_ratelimit())
                                        printk(KERN_WARNING
                                                "Forged DCC command from %pI4: %pI4:%u\n",
author	Harvey Harrison <harvey.harrison@gmail.com>	2009-03-28 11:38:30 -0400
committer	David S. Miller <davem@davemloft.net>	2009-03-29 02:55:57 -0400
commit	f940964901aa69e28ce729d7614061d014184472 (patch)
tree	4f52de427646cbff6803e4aefd68db337632d67a /net
parent	3e8af307bfe3b6318a1aaaf8ce18d0af7ddf2ea2 (diff)

diff --git a/net/netfilter/nf_conntrack_irc.c b/net/netfilter/nf_conntrack_irc.c index 409c8be58e7c..8bd98c84f77e 100644 --- a/net/netfilter/nf_conntrack_irc.c +++ b/net/netfilter/nf_conntrack_irc.c
@@ -66,7 +66,7 @@ static const char *const dccprotos[] = {
66	* ad_beg_p returns pointer to first byte of addr data	66	* ad_beg_p returns pointer to first byte of addr data
67	* ad_end_p returns pointer to last byte of addr data	67	* ad_end_p returns pointer to last byte of addr data
68	*/	68	*/
69	static int parse_dcc(char data, const char data_end, u_int32_t *ip,	69	static int parse_dcc(char data, const char data_end, __be32 *ip,
70	u_int16_t port, char ad_beg_p, char *ad_end_p)	70	u_int16_t port, char ad_beg_p, char *ad_end_p)
71	{	71	{
72	char *tmp;	72	char *tmp;
@@ -85,7 +85,7 @@ static int parse_dcc(char data, const char data_end, u_int32_t *ip,
85	return -1;	85	return -1;
86		86
87	*ad_beg_p = data;	87	*ad_beg_p = data;
88	*ip = simple_strtoul(data, &data, 10);	88	*ip = cpu_to_be32(simple_strtoul(data, &data, 10));
89		89
90	/* skip blanks between ip and port */	90	/* skip blanks between ip and port */
91	while (*data == ' ') {	91	while (*data == ' ') {
@@ -112,7 +112,7 @@ static int help(struct sk_buff *skb, unsigned int protoff,
112	int dir = CTINFO2DIR(ctinfo);	112	int dir = CTINFO2DIR(ctinfo);
113	struct nf_conntrack_expect *exp;	113	struct nf_conntrack_expect *exp;
114	struct nf_conntrack_tuple *tuple;	114	struct nf_conntrack_tuple *tuple;
115	u_int32_t dcc_ip;	115	__be32 dcc_ip;
116	u_int16_t dcc_port;	116	u_int16_t dcc_port;
117	__be16 port;	117	__be16 port;
118	int i, ret = NF_ACCEPT;	118	int i, ret = NF_ACCEPT;
@@ -177,13 +177,14 @@ static int help(struct sk_buff *skb, unsigned int protoff,
177	pr_debug("unable to parse dcc command\n");	177	pr_debug("unable to parse dcc command\n");
178	continue;	178	continue;
179	}	179	}
180	pr_debug("DCC bound ip/port: %u.%u.%u.%u:%u\n",	180
181	HIPQUAD(dcc_ip), dcc_port);	181	pr_debug("DCC bound ip/port: %pI4:%u\n",
		182	&dcc_ip, dcc_port);
182		183
183	/* dcc_ip can be the internal OR external (NAT'ed) IP */	184	/* dcc_ip can be the internal OR external (NAT'ed) IP */
184	tuple = &ct->tuplehash[dir].tuple;	185	tuple = &ct->tuplehash[dir].tuple;
185	if (tuple->src.u3.ip != htonl(dcc_ip) &&	186	if (tuple->src.u3.ip != dcc_ip &&
186	tuple->dst.u3.ip != htonl(dcc_ip)) {	187	tuple->dst.u3.ip != dcc_ip) {
187	if (net_ratelimit())	188	if (net_ratelimit())
188	printk(KERN_WARNING	189	printk(KERN_WARNING
189	"Forged DCC command from %pI4: %pI4:%u\n",	190	"Forged DCC command from %pI4: %pI4:%u\n",